Results 1 
8 of
8
Shielding circuits with groups
, 2012
"... We show how to efficiently compile any given circuit C into a leakageresistant circuit Ĉ such that any function on the wires of Ĉ that leaks information during a computation Ĉ(x) yields advantage in computing the product of ĈΩ(1) elements of the alternating group Au. In combination with new compr ..."
Abstract

Cited by 9 (2 self)
 Add to MetaCart
We show how to efficiently compile any given circuit C into a leakageresistant circuit Ĉ such that any function on the wires of Ĉ that leaks information during a computation Ĉ(x) yields advantage in computing the product of ĈΩ(1) elements of the alternating group Au. In combination with new compression bounds for Au products, also obtained here, Ĉ withstands leakage from virtually any class of functions against which averagecase lower bounds are known. This includes communication protocols, and AC 0 circuits augmented with few arbitrary symmetric gates. If NC 1 = TC 0 then the construction resists TC 0 leakage as well. We also conjecture that our construction resists NC 1 leakage. In addition, we extend the construction to the multiquery setting by relying on a simple secure hardware component. We build on Barrington’s theorem [JCSS ’89] and on the previous leakageresistant constructions by Ishai et al. [Crypto ’03] and Faust et al. [Eurocrypt ’10]. Our construction exploits properties of Au beyond what is sufficient for Barrington’s theorem.
On the Complexity of Information Spreading in Dynamic Networks
"... This paper was published in Proceedings of the Annual ..."
Abstract

Cited by 4 (0 self)
 Add to MetaCart
(Show Context)
This paper was published in Proceedings of the Annual
Electronic Colloquium on Computational Complexity, Report No. 147 (2014)
, 2014
"... We develop a new method to prove communication lower bounds for composed functions of the form f ◦gn where f is any boolean function on n inputs and g is a sufficiently “hard ” twoparty gadget. Our main structure theorem states that each rectangle in the communication matrix of f ◦gn can be simulat ..."
Abstract
 Add to MetaCart
We develop a new method to prove communication lower bounds for composed functions of the form f ◦gn where f is any boolean function on n inputs and g is a sufficiently “hard ” twoparty gadget. Our main structure theorem states that each rectangle in the communication matrix of f ◦gn can be simulated by a nonnegative combination of juntas. This is the strongest yet formalization for the intuition that each lowcommunication randomized protocol can only “query ” few inputs of f as encoded by the gadget g. Consequently, we characterize the communication complexity of f ◦ gn in all known onesided zerocommunication models by a corresponding query complexity measure of f. These models in turn capture important lower bound techniques such as corruption, smooth rectangle bound, relaxed partition bound, and extended discrepancy. As applications, we resolve several open problems from prior work: We show that SBPcc (a class characterized by corruption) is not closed under intersection. An immediate corollary is that MAcc 6 = SBPcc. These results answer questions of Klauck (CCC 2003) and Böhler et al. (JCSS 2006). We also show that approximate nonnegative rank of partial boolean matrices
Rectangles Are Nonnegative Juntas
, 2014
"... We develop a new method to prove communication lower bounds for composed functions of the form f ◦gn where f is any boolean function on n inputs and g is a sufficiently “hard ” twoparty gadget. Our main structure theorem states that each rectangle in the communication matrix of f ◦gn can be simulat ..."
Abstract
 Add to MetaCart
We develop a new method to prove communication lower bounds for composed functions of the form f ◦gn where f is any boolean function on n inputs and g is a sufficiently “hard ” twoparty gadget. Our main structure theorem states that each rectangle in the communication matrix of f ◦gn can be simulated by a nonnegative combination of juntas. This is the strongest yet formalization for the intuition that each lowcommunication randomized protocol can only “query ” few inputs of f as encoded by the gadget g. Consequently, we characterize the communication complexity of f ◦ gn in all known onesided zerocommunication models by a corresponding query complexity measure of f. These models in turn capture important lower bound techniques such as corruption, smooth rectangle bound, relaxed partition bound, and extended discrepancy. As applications, we resolve several open problems from prior work: We show that SBPcc (a class characterized by corruption) is not closed under intersection. An immediate corollary is that MAcc 6 = SBPcc. These results answer questions of Klauck (CCC 2003) and Böhler et al. (JCSS 2006). We also show that approximate nonnegative rank of partial boolean matrices
Global Information Sharing under Network Dynamics
"... We study how to spread k tokens of information to every node on an nnode dynamic network, the edges of which are changing at each round. This basic gossip problem can be completed in O(n + k) rounds in any static network, and determining its complexity in dynamic networks is central to understandi ..."
Abstract
 Add to MetaCart
(Show Context)
We study how to spread k tokens of information to every node on an nnode dynamic network, the edges of which are changing at each round. This basic gossip problem can be completed in O(n + k) rounds in any static network, and determining its complexity in dynamic networks is central to understanding the algorithmic limits and capabilities of various dynamic network models. Our focus is on tokenforwarding algorithms, which do not manipulate tokens in any way other than storing, copying and forwarding them. We first consider the strongly adaptive adversary model where in each round, each node first chooses a token to broadcast to all its neighbors (without knowing who they are), and then an adversary chooses an arbitrary connected communication network for that round with the knowledge of the tokens chosen by each node. We show that Ω(nk / log n + n) rounds are needed for any randomized (centralized or distributed) tokenforwarding algorithm to disseminate the k tokens, thus resolving an open problem raised in [KLO10]. The bound applies to a wide class of initial token distributions, including those in which each token is held by exactly one node and wellmixed ones in which each node has each token independently with a constant probability.